From mcevoy.pat at gmail.com  Wed Oct  5 10:08:27 2022
From: mcevoy.pat at gmail.com (Pat McEvoy)
Date: Wed, 5 Oct 2022 10:08:27 -0400
Subject: [talk] Reminder, Next NYC*BUG: Tonight!
Message-ID: <B85788F8-9916-46C1-BABF-D16AFB3FC74E@gmail.com>

NYCBUG social meeting is tonight!

Wednesday, October 5th 2022
6:45 pm
Torch & Crown Brewing Co.
12 Vandam St (just west of 6th Ave)
Nearest subways: C or E to Spring St; #1 to Houston St

Bring your stories and your questions. 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.nycbug.org:8443/pipermail/talk/attachments/20221005/240fdeed/attachment.htm>

From steve.b at osfda.org  Thu Oct  6 08:13:01 2022
From: steve.b at osfda.org (steve.b at osfda.org)
Date: Thu, 6 Oct 2022 08:13:01 -0400
Subject: [talk] Reminder, Next NYC*BUG: Tonight!
In-Reply-To: <B85788F8-9916-46C1-BABF-D16AFB3FC74E@gmail.com>
References: <B85788F8-9916-46C1-BABF-D16AFB3FC74E@gmail.com>
Message-ID: <49b90d52-4a2c-f254-1c62-659dcce5993a@osfda.org>

Just to add to our discussion last night:

I had praised a temperature gauge on your dash (presuming you are 
running a desktop; I myself sometimes use plasma...)

It's sort of like the standard we used to have in cars, where we had an 
oil temperature gauge. That was always a good idea to have, and they got 
rid of it to provide an illusion of simplicity (and also save money...)

Besides having a temp gauge for your SSD to identify it as redlining and 
threatening the disk lifetime, it also is a great way to tell if you 
either have a process run amok and/or a RAT in play (but more 
sophisticated ransomware keep a low profile with regards to CPU 
utilization; just like the shrewder credit card scammers only put 
through zillions of small charges, betting that a consumer will not 
bother to run them down...)

On 10/5/22 10:08 AM, Pat McEvoy wrote:
> NYCBUG social meeting is tonight!
>
> Wednesday, October 5th 2022
> 6:45 pm
> Torch & Crown Brewing Co.
> 12 Vandam St?(just west of 6th Ave)
> Nearest subways: C or E to Spring St; #1 to Houston St
>
> Bring your stories and your questions.
>
>
> _______________________________________________
> talk mailing list
> talk at lists.nycbug.org
> https://lists.nycbug.org:8443/mailman/listinfo/talk
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.nycbug.org:8443/pipermail/talk/attachments/20221006/20d20326/attachment.htm>

From nonesuch at longcount.org  Sun Oct  9 17:06:10 2022
From: nonesuch at longcount.org (Mark Saad)
Date: Sun, 9 Oct 2022 17:06:10 -0400
Subject: [talk] I am bored sitting in a Burger King,
 so of course I join the Wi-Fi and play around .
Message-ID: <05DE2384-6A24-476E-981F-F296D268840D@longcount.org>

So like I said, I am bored sitting in a Burger King and they have free Wi-Fi . It a fortinet captive portal on optimum cable internet . However a tracer out shows this .


#1
- RTT [ms]: 2.7
- Probe Send Time: 4:30:50 PM
- IP Address: 192.168.20.254
- TTL: 255

#2
- RTT [ms]: 2.9
- Probe Send Time: 4:30:50 PM
- IP Address: 223.255.0.2
- TTL: 254
- Country Name: China
- Country Code: CN
- Time Zone: Asia/Shanghai

#3
- Probe Send Time: 4:30:51 PM

#4
- RTT [ms]: 12.2
- Probe Send Time: 4:30:54 PM
- IP Address: 67.59.255.241
- TTL: 252
- Country Name: United States
- Country Code: US
- Time Zone: America/Chicago

#5
- RTT [ms]: 11.9
- Probe Send Time: 4:30:54 PM
- IP Address: 167.206.32.6
- Hostname: dstswr2-ge3-1.rh.hcvlny.cv.net
- TTL: 251
- AS Number: AS6128
- AS Name: CABLE-NET-1
- Country Name: United States
- Country Code: US
- Time Zone: America/New_York
- Region: NY
- City: New Rochelle
- Latitude: 40.92
- Longitude: -73.79

#6
- RTT [ms]: 15.0
- Probe Send Time: 4:30:54 PM
- IP Address: 64.15.4.134
- TTL: 248
- Country Name: United States
- Country Code: US
- Time Zone: America/Chicago

#7
- RTT [ms]: 16.1
- Probe Send Time: 4:30:54 PM
- IP Address: 64.15.1.88
- TTL: 249
- Country Name: United States
- Country Code: US
- Time Zone: America/Chicago

#8
- RTT [ms]: 16.4
- Probe Send Time: 4:30:54 PM
- IP Address: 72.14.215.203
- TTL: 244
- AS Number: AS15169
- AS Name: GOOGLE
- Country Name: United States
- Country Code: US
- Time Zone: America/Chicago

#9
- Probe Send Time: 4:30:55 PM

#10
- RTT [ms]: 29.3
- Probe Send Time: 4:30:58 PM
- IP Address: 142.251.65.110
- TTL: 54
- AS Number: AS15169
- AS Name: GOOGLE
- Country Name: United States
- Country Code: US
- Time Zone: America/Chicago

#11
- RTT [ms]: 20.8
- Probe Send Time: 4:30:59 PM
- IP Address: 108.170.248.116
- TTL: 246
- AS Number: AS15169
- AS Name: GOOGLE
- Country Name: United States
- Country Code: US
- Time Zone: America/Chicago

#12
- RTT [ms]: 14.6
- Probe Send Time: 4:30:59 PM
- IP Address: 142.251.40.174
- Hostname: google.com
- TTL: 245
- AS Number: AS15169
- AS Name: GOOGLE
- Country Name: United States
- Country Code: US
- Time Zone: America/Chicago

#13
- RTT [ms]: 14.9
- Probe Send Time: 4:30:59 PM
- IP Address: 142.251.40.174
- Hostname: google.com
- TTL: 115
- AS Number: AS15169
- AS Name: GOOGLE
- Country Name: United States
- Country Code: US
- Time Zone: America/Chicago

My external ip is 68.196.104.162 . So it looks like my second hop is a ip allocated to bytedance , in china ? So is this some weird tictok crap ? 

Thoughts ? 

---
Mark Saad | nonesuch at longcount.org


From anthony.elizondo at gmail.com  Sun Oct  9 20:24:59 2022
From: anthony.elizondo at gmail.com (Anthony Elizondo)
Date: Sun, 9 Oct 2022 20:24:59 -0400
Subject: [talk] I am bored sitting in a Burger King,
 so of course I join the Wi-Fi and play around .
In-Reply-To: <05DE2384-6A24-476E-981F-F296D268840D@longcount.org>
References: <05DE2384-6A24-476E-981F-F296D268840D@longcount.org>
Message-ID: <CAL44HZ1imfHP4FF5p8JXw5rnfS3XipPksBr6JSe08QH=J=ZCZQ@mail.gmail.com>

On Sun, Oct 9, 2022 at 5:08 PM Mark Saad <nonesuch at longcount.org> wrote:

> So like I said, I am bored sitting in a Burger King and they have free
> Wi-Fi . It a fortinet captive portal on optimum cable internet . However a
> tracer out shows this .
>
>
> #1
> - RTT [ms]: 2.7
> - Probe Send Time: 4:30:50 PM
> - IP Address: 192.168.20.254
> - TTL: 255
>
> #2
> - RTT [ms]: 2.9
> - Probe Send Time: 4:30:50 PM
> - IP Address: 223.255.0.2
> - TTL: 254
> - Country Name: China
> - Country Code: CN
> - Time Zone: Asia/Shanghai
>
> #3
> - Probe Send Time: 4:30:51 PM
>
> #4
> - RTT [ms]: 12.2
> - Probe Send Time: 4:30:54 PM
> - IP Address: 67.59.255.241
> - TTL: 252
> - Country Name: United States
> - Country Code: US
> - Time Zone: America/Chicago
>
> #5
> - RTT [ms]: 11.9
> - Probe Send Time: 4:30:54 PM
> - IP Address: 167.206.32.6
> - Hostname: dstswr2-ge3-1.rh.hcvlny.cv.net
> - TTL: 251
> - AS Number: AS6128
> - AS Name: CABLE-NET-1
> - Country Name: United States
> - Country Code: US
> - Time Zone: America/New_York
> - Region: NY
> - City: New Rochelle
> - Latitude: 40.92
> - Longitude: -73.79
>
> #6
> - RTT [ms]: 15.0
> - Probe Send Time: 4:30:54 PM
> - IP Address: 64.15.4.134
> - TTL: 248
> - Country Name: United States
> - Country Code: US
> - Time Zone: America/Chicago
>
> #7
> - RTT [ms]: 16.1
> - Probe Send Time: 4:30:54 PM
> - IP Address: 64.15.1.88
> - TTL: 249
> - Country Name: United States
> - Country Code: US
> - Time Zone: America/Chicago
>
> #8
> - RTT [ms]: 16.4
> - Probe Send Time: 4:30:54 PM
> - IP Address: 72.14.215.203
> - TTL: 244
> - AS Number: AS15169
> - AS Name: GOOGLE
> - Country Name: United States
> - Country Code: US
> - Time Zone: America/Chicago
>
> #9
> - Probe Send Time: 4:30:55 PM
>
> #10
> - RTT [ms]: 29.3
> - Probe Send Time: 4:30:58 PM
> - IP Address: 142.251.65.110
> - TTL: 54
> - AS Number: AS15169
> - AS Name: GOOGLE
> - Country Name: United States
> - Country Code: US
> - Time Zone: America/Chicago
>
> #11
> - RTT [ms]: 20.8
> - Probe Send Time: 4:30:59 PM
> - IP Address: 108.170.248.116
> - TTL: 246
> - AS Number: AS15169
> - AS Name: GOOGLE
> - Country Name: United States
> - Country Code: US
> - Time Zone: America/Chicago
>
> #12
> - RTT [ms]: 14.6
> - Probe Send Time: 4:30:59 PM
> - IP Address: 142.251.40.174
> - Hostname: google.com
> - TTL: 245
> - AS Number: AS15169
> - AS Name: GOOGLE
> - Country Name: United States
> - Country Code: US
> - Time Zone: America/Chicago
>
> #13
> - RTT [ms]: 14.9
> - Probe Send Time: 4:30:59 PM
> - IP Address: 142.251.40.174
> - Hostname: google.com
> - TTL: 115
> - AS Number: AS15169
> - AS Name: GOOGLE
> - Country Name: United States
> - Country Code: US
> - Time Zone: America/Chicago
>
> My external ip is 68.196.104.162 . So it looks like my second hop is a ip
> allocated to bytedance , in china ? So is this some weird tictok crap ?
>
> Thoughts ?
>

Looks like Fortinet devices use 223.X for internal services. See
https://www.fortinetguru.com/2017/03/fortiwan-dns-proxy/
223/8 was assigned to APNIC and started to be used in 2010. Prior to that I
think it was UNALLOCATED.
https://www.iana.org/reports/2008/sample-ipv4-address-space.xhtml
Another instance of using IP space that isn't yours, I guess.

Anthony


> ---
> Mark Saad | nonesuch at longcount.org
> _______________________________________________
> talk mailing list
> talk at lists.nycbug.org
> https://lists.nycbug.org:8443/mailman/listinfo/talk
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.nycbug.org:8443/pipermail/talk/attachments/20221009/698becb0/attachment.htm>